You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
A range of dependencies have been flagged as containing security vulnerabilities on crates.io. These are not
direct dependencies as they do not appear in Cargo.toml but exist in the dependency tree.
The following is a list of crates which are vulnerable:
• cranelift-codegen : v0.67.0
• cranelift-codegen : v0.68.0
• generic-array : v0.12.3
• raw-cpuid : v7.0.4
This is related to near-sdk-rs and near-sdk-sim versions used in the contract which internally uses wasmer-compiler-near. So when near-sdk-rs v4 is released, updating the used near-sdk-rs for ths repo will fix the issue.
The text was updated successfully, but these errors were encountered:
A range of dependencies have been flagged as containing security vulnerabilities on crates.io. These are not
direct dependencies as they do not appear in Cargo.toml but exist in the dependency tree.
The following is a list of crates which are vulnerable:
• cranelift-codegen : v0.67.0
• cranelift-codegen : v0.68.0
• generic-array : v0.12.3
• raw-cpuid : v7.0.4
Please, consider upgrading:
cranelift-codegen : >= v0.73.1
• generic-array : >= v0.12.4 OR >= v0.13.3
• raw-cpuid : >= v9.0.0
This is related to
near-sdk-rs
andnear-sdk-sim
versions used in the contract which internally useswasmer-compiler-near
. So whennear-sdk-rs
v4 is released, updating the usednear-sdk-rs
for ths repo will fix the issue.The text was updated successfully, but these errors were encountered: